Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I have a requirement to encrypt a string in java using AES algorithm and to decrypt the data in PHP. I have searched SO but I dint get any exact answer.
In some posts, they used Padding. And also they spoke about the key size.
But, I don't have any idea about the key size and what padding I should use.
So please help me by posting some sample code and explanations to understand better.
Thanks in advance!!
The key size is not important, any of the available sizes are secure.
AES is a block cipher, that means that input must be a multiple of the block size: 16-bytes. Unless the input is always a multiple of the block size padding will be required.
The standard padding for AES is PKCS#7 (sometimes stated PKCS#5). The problem is PHP and the usual mcrypt library used, it does not support PKCS#7 padding, only null padding and can not be used with binary data. The bozo maintainers refuse to add PKCS#7 padding. You will have to add your own PKCS#7 padding support if you use mcrypt, it is not hard, generally three lines of code.
But there are more issues. The encryption mode and CBC mode requires an iv which should be random data. Authentication to determine if the decrypted data is correct. The key should not be a string, if it is it should be used to derive a key with a function such as PBKDF2.
I suggest using RNCryptor which is available for Java, php and many other languages. It provided all the necessary elements to create secure encryption including: AES-256 encryption,CBC mode, password stretching with PBKDF2, password salting, random IV, encrypt-then-hash HMAC authentication, and versioning.
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I am using bouncy castle libraries for generating a Certificate signing request, but instead of the keypair generator function provided by them, I am using a public key which I have generated knowing the modulus and exponent. Now I want to just hash the details and send to another server which has the private key to sign it. The private key wont leave that server.
Is it possible to do so in bouncy castle or any other libraries?
I have checked that bouncy castle hashes and signs the CSR together in on command, is it possible to separate these two commands?
This is the public key generation with known modulus and exponent
This is the createCSR function making the csr from the user details
This is the fun called which returns a string to the X500 principle function
Generally, no, at least not without hacking.
In principle it is of course possible to do this. For instance, you could simply send over a structure using CertificationRequestInfo :
https://github.com/bcgit/bc-java/blob/master/core/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java
This is basically the CSR without signature. You could then lift the signing procedure from Bouncy Castle and implement that part. However, that's not a structure that has been standardized to be used alone, so by default software won't know how to process it. Generally the CSR is always generated where the private key is located.
There are of course other options (or hacks):
implement a CSR creation service at the location of the private key;
sign the request with a temporary key, replace the public key of the CSR and re-sign the request at the location of the private key.
Of course, the problem with those options is that you would still need to do significant work at the location of the private key, which probably makes them next to useless.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I am attempting to learn more about password hashing. I am pretty used to java and am trying to write my own hashing function for a password. I understand you should never implement your own password security this is purely an academic endeavor. I have made my own implementation of HashMap and other data structures. I would appreciate a description of how hashing works and code fragments if needed. I have searched for an answer but all I can find is how to use SHA 256 (or others ) to hash a password. I would like to make my own to learn more about the algorithms. Thank you for any and all help.
p.s.
To clarify, I know there are algorithms that you can import in java to hash password. I am looking for a description of how these functions work and how the are similar to a hashMap so I can attempt to replicate it.
This is a very broad question but hopefully a few high level details will help you.
Firstly though, as you said, you should not generally implement a secure hashing function yourself since it is very easy to make mistakes resulting in security vulnerabilities.
Cryptographic hashing, such as is provided in SHA-2 at various bit strengths, is a one way cryptographic process of converting your input bytes into an output of the specified length. Assuming correct algorithms, this output cannot be directly converted back to the input.
For discussions on the SHA-2 algorithm in specific you can start with the wikipedia page: https://en.wikipedia.org/wiki/SHA-2
For designing your own algorithm you would want to take into account the following considerations (as SHA-2 and other hashing algorithms do, excerpted from Wikipedia):
it is deterministic so the same message always results in the same hash
it is quick to compute the hash value for any given message
it is infeasible to generate a message from its hash value except by trying all possible messages
a small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value
it is infeasible to find two different messages with the same hash value
Further, for password hashing in particular:
Going against the "quick" consideration above, password hashing algorithms are generally chosen to be slower and more difficult to implement in hardware (e.g. scrypt) in order to reduce the ability to brute force a password when its hash and salt are known. Commonly this is done by doing some 1000+ rounds of SHA-2.
Lastly, outside of the hashing algorithm itself, it is important to make sure the password hashes are salted. Salt here refers to modifying the password (e.g. by prefixing it) before hashing with a randomly generated salt value that is also stored with the hash. This prevents an existing or single dictionary of password hashes from being used against all hashes in your database were it to be compromised (i.e. it forces an attacker to attack each hash individually).
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
I have a settings.ini file which contains following text-
[Settings]
IP=LF5ITzfFWttFqp1JwS3yig==
DATABASE=3Oulto+YrEerz3//yLacbEYGlcue8+kv41dAyqHxxKI=
USER=mEjikdSuE2+78JsA7atxhw==
PASSWORD=kXnsw31pVdtj+LU9vZ7qPQ==
I know that a JAVA application reads this configuration and process it by decrypting it. Please can anyone help me find out what library of JAVA can be used to decrypt this kind of text or what library is used for this kind of encryption.
There's not a lot of information to go on there.
The data is base64-encoded (recognizable by the alphabet used and the == padding at the end), but it appears to be encrypted underneath because it decodes to what appears to be random binary data.
The "IP", "USER", and "PASSWORD" fields are 16 bytes long, which suggests that we're looking at a symmetric cipher with a 128-bit block size and that it's using a fixed IV and no message integrity check. (A 64-bit cipher with either an IV block or a MAC block is also possible but less likely because that would require the plaintext to be at most 8 bytes; while it's not unreasonable for usernames and passwords to be 8 bytes or less, how often does someone use integer notation for an IP address rather than dotted-decimal?)
The "DATABASE" field is 32 bytes long, which is consistent with the hypothesis of a 128-bit block cipher with a fixed IV and no integrity check.
A 128-bit block cipher is most likely AES. A fixed IV with no integrity check (which is an insecure cryptographic practice) suggests ECB mode. (Technically speaking, ECB mode doesn't use an IV at all.) But the only way to get the key will be to examine the software that uses this data. If you disassemble it, you should be able to get both the key and confirm how the encryption was performed.
As for software to use, there are various cryptographic libraries for Java that can decrypt AES-ECB. Try looking at the javax.crypto classes. Or the Bouncycastle library.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
I need to generate a 64 bit public-private key pair but can't find out any standard algorithm.
When you say public-private key pair, you imply that you are talking about asymmetric cryptography. Key sizes here are normally much much bigger than this - 512 bit or 1024 bit are common. If you are actually talking symmetric cryptography, then just randomly generate a 64 bit number (and, if you are using an algorithm like DES/3DES, check it against known weak keys for the algorithm).
Offhand, I can't think of a public-key cryptography algorithm that would be even somewhat secure with only a 64-bit key. RSA is by far the most common, but for it a 512 bit key is on the small side. Elliptical curve cryptography doesn't require as large of keys as most other public-key algorithms, but even so you typically need somewhere in the range of 150-200 bits.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions concerning problems with code you've written must describe the specific problem — and include valid code to reproduce it — in the question itself. See SSCCE.org for guidance.
Closed 9 years ago.
Improve this question
I want to find the RSA code in both Javascript and Java code. And they can return the same result in encrypt and decrypt.
My purpose is: I can encrypt a message in the user's browser using Javascript (with the public key). After I can decrypt that message in my server (with private key).
I found on internet but Javascript and Java return difference result: if I encrypt using Javascript, I cannot decrypt using Java.
This is not a good idea.
RSA public key encryption is suitable for encrypting a session key, not the entire message. It's too slow and it's susceptible to a man-in-the-middle attack when used directly.
Just use SSL and be done with it.
I am curious why the javascript and java had different results, as RSA isn't platform dependent, but, converting the key to a byte array can differ, so that could be your difficulty.
If you are encrypting a password then it may make sense to use RSA, as the number of bytes that can be encrypted/decrypted is related to the length of the key.
Where you found the source code for Java and Javascript would be useful to see, or at least to know how the keys were turned into byte arrays, and then the private or public keys were created from those.
Here is a simple RSA algorithm for Javascript (numbers only); you can easily convert it to Java by following the source code of the page:
http://www.alporal.com/rsa.htm